Application Risk and Analysis Summary
Application Control
PT S
Fortinet provides robust application control reports detailing how applications are traversing your network and the risks they might pose. These are useful when trying to determine how to define/optimize firewall policies, utilize corporate resources or conduct internal trainings. For instance, the excessive use of Dropbox might indicate the need to setup and internal file repository. Similarly, an uptick in social networking activity may indicate the need for trainings or reminders of corporate policies.
Applications Detected by Risk Behavior
Modern security organizations need increasingly complex security processes in place to handle the myriad of applications in use on the network and in the data center. The problem is determining which applications in your environment are most likely to cause harm. The following charts provide a breakdown of the high risk applications identified on the network. It has been determined by FortiGuard Labs that these applications represent possible vectors for data compromise, network intrusion, or a reduction in network performance. Application Name
Category
Technology
Zeroaccess.Botnet
Botnet
Client-Server
Evasive
Skype
P2P
Peer-to-Peer
Evasive
WebEx
Collaboration
Evasive
Dropbox
Evasive
Google.Docs
Evasive
Google.Desktop
General.Interest
Evasive
Skype_Communication
P2P
Evasive
EBay.Toolbar
General.Interest
Evasive
Evernote
General.Interest
Evasive
RDP
Remote.Access
Bandwidth
Sessions
ER
Risk
24.07 KB
74
7.42 MB
22.11 K
Browser-Based|Client-Server
51.86 MB
21.80 K
File.Sharing
Browser-Based
10.30 GB
13.34 K
Collaboration
Browser-Based
1.43 MB
4.29 K
1.69 GB
2.18 K
Peer-to-Peer
725.86 KB
2.18 K
Browser-Based
365.95 KB
1.10 K
Browser-Based
222.32 KB
657
Client-Server
502.28 MB
636
C
Client-Server
EX
Botnet
Application Usage By Category
E
As part of the traffic classification process, the FortiGate identifies and categorizes applications crossing the network into different categories based on the number of sessions and bandwidth used. This data complements the granular application threat data and provides a more complete summary of the types of applications in use on the network. Application Category
File.Sharing General.Interest Web.Surfing Network.Service
M
P2P
PL
Media
Bandwidth 43.11 GB 10.79 GB 2.01 GB 1.25 GB 840.21 MB 510.11 MB
Remote.Access
502.66 MB
IM
167.36 MB 74.92 MB
SA
Social.Networking Update
18.25 MB
Risky Applications Breakdown
Application Usage By Category Media 72.7% (43 GB) File.Sharing 18.2% (11 GB) General.Interest 3.4% (2 GB) Excessive-Bandwidth 74.0% (212093) Evasive 26.0% (74399) Botnet 0.0% (74)
Web.Surfing 2.1% (1 GB) Network.Service 1.4% (840 MB) P2P 0.9% (510 MB) Remote.Access 0.8% (503 MB) IM 0.3% (167 MB) Social.Networking 0.1% (75 MB) Update 0.0% (18 MB)
ARA Summary - FortiAnalyzer Host Name: FAZVM64
Page 1 of 4